Key Takeaways from RSA 2015

RSA 2015 drew more than 28,000 security-minded people to its latest week-long conference in San Francisco. The key takeaways from the discussions, workshops, and keynotes were highlighted by the tech, business, and mainstream press. The Associated Press coverage pointed out that attending RSA is a particularly sobering experience for those not involved in the security […]

PCI DSS 3.0: Are You In Compliance Yet?

The new Payment Card Industry Data Security Standard 3.0 (PCI DSS 3.0) that went into effect on January 1 contains significant changes. Some of the requirements will remain suggested best practices until July 1, 2015. After that, they too become mandatory. PCI 3.0 will have the greatest impact on e-commerce merchants who partner with third […]

Does Your Organization Need Cyber Insurance?

News about the damage associated with the Sony breach keeps coming and is most likely going to reach new heights over the Christmas break. Meanwhile, criminals keep conducting immensely successful hack attacks against huge brands that should have the financial assets and talent to protect against breaches. Has this risk management gone very wrong — […]

Financial Industry IT Security 2015 To-Do List

The forthcoming cybersecurity guidance from the Federal Financial Institutions Examination Council is expected to focus on people and processes that defend against specific types of threats. Future IT examinations for all sizes of banking institutions will include reviews of employee awareness of security threats, the depth and breadth of an institution’s training programs, patching policies, […]

Get Ready Now for 2015 HIPAA Audits

A random audit program to gauge HIPAA compliance is expected to commence in early 2015. This round will include both on-site and off-site reviews. Your New Year will be happier if you start getting audit-ready now. We have provided you with tips below to make the process easier. Off-Site Audits: Off-site audits focus on documentation […]

Protecting Your Intellectual Property – Tips from Real World Audits

Introduction: In the course of any given year, BAI Security performs hundreds of IT Security Audits for truly security-conscious organizations in highly regulated industries. Our specialization includes in-depth IT Security Audit and Forensic services primarily to the Banking and Finance, Pharmaceutical, Healthcare, and Insurance sectors. In an effort to bring awareness to growing trends related […]

New Guidance Released by NIST Redefines Assurance & Trustworthiness for Financial Institutions

On April 30th, 2013 the National Institute of Standards and Technology (NIST) issued their latest version of essential guidance: Special Publication 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations. Led by Ron Ross, a NIST fellow and the project leader, a team of computer scientists spent the past two years […]

2013 Insider Threat to Banks and Credit Unions – Data Leakage

The following is an excerpt from an article regarding the “Top IT Security Threats for 2013”: “One of the areas we see a dramatic increase of concern is over data leakage,” says Michael Bruck of Chicago-based BAI Security. “The ease in which an individual can export sensitive information from an internal network is chilling for […]

4 Tech Tips for Organizations Planning a Merger

Mergers, acquisitions, and divestitures require special handling when bringing together two distinct organizations or separating a business from the remaining IT infrastructure. The technical environment can be rife with insecure access points, unpatched servers, and incorrectly configured firewall settings. Information on the acquired company's technical environment may be non-existent or incomplete and depending on the […]